android12 aosp去除root特征
文章最后更新时间为:2024年08月13日 15:08:50
网上关于aosp的修改都是基于android8或者android10,对于android12来说有一些细微的变化,这里记录下编译android12 的aosp,并且去除其root特征。
编译过程和环境完全基于之前的文章: https://saucer-man.com/android/986.html
修改test-keys为release-keys
在以下几个系统属性中会出现test-keys的特征,这也会导致一些检测软件认为系统是root的
ro.system.build.fingerprint
ro.system.build.tags
ro.build.display.id
ro.build.tags下面将test-keys修改为正常系统才有的的release-keys
1./build/make/core/sysprop.mk
将下面代码中的dev-keys和test-keys都替换成release-keys,修改前
ifeq ($(DEFAULT_SYSTEM_DEV_CERTIFICATE),build/make/target/product/security/testkey)
BUILD_KEYS := test-keys
else
BUILD_KEYS := dev-keys
endif修改后
ifeq ($(DEFAULT_SYSTEM_DEV_CERTIFICATE),build/make/target/product/security/testkey)
BUILD_KEYS := release-keys
else
BUILD_KEYS := release-keys
endif2.build/core/config.mk
在aosp源码根目录执行下面shell命令,生成release key,在用户home目录下
subject='/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'
mkdir ~/.android-certs
for cert in bluetooth cyngn-app media networkstack platform releasekey sdk_sandbox shared testcert testkey verity; do \
./development/tools/make_key ~/.android-certs/$cert "$subject"; \
done将生成的releasekey.pk8和releasekey.x509.pem放在build/target/product/security目录下,然后修改build/core/config.mk
修改前
ifdef PRODUCT_DEFAULT_DEV_CERTIFICATE
DEFAULT_SYSTEM_DEV_CERTIFICATE := $(PRODUCT_DEFAULT_DEV_CERTIFICATE)
else
DEFAULT_SYSTEM_DEV_CERTIFICATE := build/make/target/product/security/testkey
endif修改后
ifdef PRODUCT_DEFAULT_DEV_CERTIFICATE
DEFAULT_SYSTEM_DEV_CERTIFICATE := $(PRODUCT_DEFAULT_DEV_CERTIFICATE)
else
DEFAULT_SYSTEM_DEV_CERTIFICATE := build/make/target/product/security/releasekey
endif修改su为xu
1./system/extras/su文件夹的名称从su修改为xu,然后修改该文件夹下Android.mk文件中su修改为xu
2.frameworks/native/cmds/dumpstate/DumpstateUtil.cpp中,/system/xbin/su 修改为 /system/xbin/xu
3.将下面几个文件中的 /system/xbin/su 修改为 /system/xbin/xu
4.system/core/libcutils/fs_config.cpp中 system/xbin/su 修改为 system/xbin/xu
5.build/make/target/product/base_system.mk中su修改为xu
验证
修改完上面的步骤,然后编译安装即可,先测试下xu命令和release-keys有没有生效
最后用hunter来测试下
